General
Target: 9cd40de5315ae33b68773190b5e9964d7984418492d5f685e6e2fd2a04a63261
Size: 1.2MB
Sample: 241109-ehqz8azlen
MD5: fde2280242aff0290c7de9d18c6d45b2
SHA1: 4b5ce42144a6f93eb5af6c23db9b55846d5813bb
SHA256: 9cd40de5315ae33b68773190b5e9964d7984418492d5f685e6e2fd2a04a63261
SHA512: 1739559117a62118d77c2b54c6dc144069a2fc8800131de84fb0f197a688567d4aed5f679b2d52f20f6daad94768e079fe86c81506d0750737c26c26964e12ee
SSDEEP: 24576:98iMtJbRDOVvUGEdJWXZo9Q6M6qSiuKXAtO+j/4pE+XSL0Fe3/18YS5/+O:98J5ys/EXZsJitXOEBU02/18dt
Static task: static1
Behavioral task: behavioral1
Sample: 9cd40de5315ae33b68773190b5e9964d7984418492d5f685e6e2fd2a04a63261.exe
Resource: win7-20241010-en
Behavioral task: behavioral2
Sample: 9cd40de5315ae33b68773190b5e9964d7984418492d5f685e6e2fd2a04a63261.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
Detects Healer, an antivirus disabler dropper
Healer family
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
RedLine family
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Create or Modify System Process (1)
Windows Service (1)